[gnutls-dev] GnuTLS 1.5.3 - experimental

I am happy to announce GnuTLS 1.5.3, a release on the current
development branch. We still recommend the 1.4.x branch as the stable
version.
One goal with the 1.5.x branch is to make Windows x86 a supported
platform for GnuTLS. We do this by providing a binary Windows
installer of GnuTLS, cross-compiled from GNU/Linux using MinGW and
NSIS. The installer is (lightly) tested on Windows 2000 and Windows
XP. It is possible to develop applications in Visual Studio or MinGW
that links to the library. See http://josefsson.org/gnutls4win/ for
more information on the Windows releases.
GnuTLS is a modern C library that implement the standard network
security protocol Transport Layer Security (TLS), for use by network
applications.
* Version 1.5.3 (released 2006-10-26)
** Add new self-test of RSA-MD5 signature chains.
Note that we already, since GnuTLS 1.2.9, reject RSA-MD5 signatures
when verifying X.509 chains. The code is in tests/rsa-md5-collision/
and is based on the work by Marc Stevens et al, see
<http://www.win.tue.nl/hashclash/TargetCollidingCertificates/>.
** Re-factor self tests.
** The include copy of Libtasn1 is updated to version 0.3.7.
** The included copy of OpenCDK is updated to version 0.5.11.
** Fix the filename of the *.def file on Windows after library version bump.
** Separated the gnulib directory into one for LGPL modules and one for GPL.
This allows the GPL'd part of GnuTLS to take advantage of the GPL'd
gnulib modules. Earlier we could only use the LGPL'ed module from
gnulib, because two gnulib directories in the same project didn't
work.
** API and ABI modifications:
No changes since last version.
Improving GnuTLS is costly, but you can help! We are looking for
organizations that find GnuTLS useful and wish to contribute back.
You can contribute by reporting bugs, improve the software, or donate
money or equipment.
Commercial support contracts for GnuTLS are available, and they help
finance continued maintenance. Simon Josefsson Datakonsult, a
Stockholm based privately held company, is currently funding GnuTLS
maintenance. We are always looking for interesting development
projects. See http://josefsson.org/ for more details.
All manual formats are available from:
http://www.gnutls.org/manual/
Direct link to the most popular formats:
http://www.gnutls.org/manual/gnutls.html - HTML format
http://www.gnutls.org/manual/gnutls.pdf - PDF format
http://www.gnutls.org/reference/ch01.html - API Reference, GTK-DOC HTML
If you need help to use GnuTLS, or want to help others, you are
invited to join our help-gnutls mailing list, see:
<http://lists.gnu.org/mailman/listinfo/help-gnutls>.
The project page of the library is available at:
http://www.gnutls.org/http://www.gnu.org/software/gnutls/http://josefsson.org/gnutls/ (updated fastest)
Here are the compressed sources (4.1MB):
http://josefsson.org/gnutls/releases/gnutls-1.5.3.tar.bz2ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-1.5.3.tar.bz2
Here are GPG detached signatures signed using key 0xB565716F:
http://josefsson.org/gnutls/releases/gnutls-1.5.3.tar.bz2.sigftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-1.5.3.tar.bz2.sig
The software is cryptographically signed by the author using an
OpenPGP key identified by the following information:
pub 1280R/B565716F 2002-05-05 [expires: 2007-02-15]
uid Simon Josefsson <jas at extundo.com>
uid Simon Josefsson <simon at josefsson.org>
sub 1280R/4D5D40AE 2002-05-05 [expires: 2007-02-15]
sub 1024R/09CC4670 2006-03-18 [expires: 2007-04-22]
sub 1024R/AABB1F7B 2006-03-18 [expires: 2007-04-22]
sub 1024R/A14C401A 2006-03-18 [expires: 2007-04-22]
The key is available from:
http://josefsson.org/key.txt
dns:b565716f.josefsson.org?TYPE=CERT
Here are the SHA-1 and SHA-224 checksums:
f71a2a9fd09b2a1f7c368cd9eebb16d47feadff9 gnutls-1.5.3.tar.bz2
10011a138fb4cca9a09ab719e6e4c2642fff922b gnutls-1.5.3.tar.bz2.sig
e4fc78b35c571c278db5771533d71b566242156efcfc3a3f8a99c5c1 gnutls-1.5.3.tar.bz2
944072cc6d54f22c9699fac33624d75a0864b675e462665cfd546fcf gnutls-1.5.3.tar.bz2.sig
Enjoy,
Nikos and Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 419 bytes
Desc: not available
Url : /pipermail/attachments/20061026/c72214d7/attachment-0001.pgp